<?php
/**
 * Hoffman Framework
 *
 * LICENSE
 *
 * This source file is subject to the GNU LGPL 2.1 license that is bundled
 * with this package in the file license.txt.
 * It is also available through the world-wide-web at this URL:
 * http://creativecommons.org/licenses/LGPL/2.1
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to annop@thaicyberpoint.com so we can send you a copy immediately.
 *
 * @package    Hoffman
 * @author     Ford AntiTrust
 * @copyright  Copyright (c) 2008 Ford AntiTrust (http://www.thaicyberpoint.com/ford/blog)
 * @since      Version Rv 0.2
 * @license    http://creativecommons.org/licenses/LGPL/2.1
 *             GNU LGPL 2.1
 * @filesource
 */

if (!defined('INDEX'))
    die('No direct script access allowed.');

/**
 * @see Zend_Acl
 */
require_once 'Zend/Acl.php';

/**
 * @see Zend_Acl_Role
 */
require_once 'Zend/Acl/Role.php';

/**
 * @see Zend_Acl_Resource
 */
require_once 'Zend/Acl/Resource.php';

/**
 * Acl
 *
 * @package     Hoffman
 * @subpackage  Hmf
 * @category    Acl
 * @author      Ford AntiTrust
 * @version     SVN: $Id: Acl.php 167 2010-02-18 10:32:16Z annop.s@gmail.com $
 * @link        http://www.thaicyberpoint.com/ford/blog/hmf
 */

class Hmf_Acl {

    /**
     * Store Zend_Acl instance
     *
     * @var Zend_Acl
     */
    public $acl;

    function __construct() {

        $this->acl = new Zend_Acl();
    }

    /**
     * Add role name
     *
     * @param string $roleName
     */
    function addRole($roleName) {

        $this->acl->addRole(new Zend_Acl_Role($roleName));
    }

    /**
     * Add parent role to child role (inherit with role)
     *
     * @param string $roleName
     * @param string $inheritFromRole
     */
    function addRoleInherit($roleName, $inheritFromRole) {

        $this->acl->addRole(new Zend_Acl_Role($roleName), $inheritFromRole);
    }

    /**
     * Add controller and action with allow permission
     *
     * @param string $roleName
     * @param string $controllerName
     * @param string $actionName
     * @return boolean
     */
    function allowPermission($roleName, $controllerName = null, $actionName = null) {

        return $this->permission('allow', $roleName, $controllerName, $actionName);
    }

    /**
     * Add controller and action with deny permission
     *
     * @param string $roleName
     * @param string $controllerName
     * @param string $actionName
     * @return boolean
     */
    function denyPermission($roleName, $controllerName = null, $actionName = null) {

        return $this->permission('deny', $roleName, $controllerName, $actionName);
    }

    /**
     * Add controller and action with allow or deny permission
     *
     * @param string $type [deny|allow]
     * @param string $roleName
     * @param string $controllerName
     * @param string $actionName
     * @return boolean
     */
    function permission($type, $roleName, $controllerName, $actionName = null) {

        if (!in_array($type, array('deny', 'allow'))) {
            return false;
        }
        if ($this->acl->hasRole($roleName)) {
            if (!$this->acl->has($controllerName)) {
                $this->acl->add(new Zend_Acl_Resource($controllerName));
            }
            $this->acl->{$type}($roleName, $controllerName, $actionName);
            return true;
        }
        return false;
    }

    /**
     * Check allow with role, controller and action name
     *
     * @param $roleName
     * @param $controllerName
     * @param $actionName
     * @return boolean
     */
    function isAllowed($roleName, $controllerName, $actionName) {

        return $this->acl->isAllowed($roleName, preg_replace('/^controller_/', '', $controllerName), $actionName);
    }
}
?>